MUST READ

GlassWorm malware has resurfaced on the Open VSX registry

 | 

Denmark and Norway investigate Yutong bus security flaw amid rising tech fears

 | 

Agentic AI in Cybersecurity: Beyond Triage to Strategic Threat Hunting

 | 

Nine NuGet packages disrupt DBs and industrial systems with time-delayed payloads

 | 

QNAP fixed multiple zero-days in its software demonstrated at Pwn2Own 2025

 | 

AI chat privacy at risk: Microsoft details Whisper Leak side-channel attack

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 70

 | 

Security Affairs newsletter Round 549 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

China-linked hackers target U.S. non-profit in long-term espionage campaign

 | 

A new Italian citizen was targeted with Paragon’s Graphite spyware. We have a serious problem

 | 

LANDFALL spyware exploited Samsung zero-day CVE-2025-21042 in Middle East attacks

 | 

Cisco fixes critical UCCX flaw allowing Root command execution

 | 

Cisco became aware of a new attack variant against Secure Firewall ASA and FTD devices

 | 

Google sounds alarm on self-modifying AI malware

 | 

Alleged Russia-linked Curly COMrades exploit Windows Hyper-V to evade EDRs

 | 

SonicWall blames state-sponsored hackers for September security breach

 | 

U.S. sanctioned North Korea bankers for laundering funds linked to cyberattacks and peapons program

 | 

Former cybersecurity employees attempted to extort five U.S. companies in 2023 using BlackCat ransomware attacks

 | 

U.S. CISA adds Gladinet CentreStack, and CWP Control Web Panel flaws to its Known Exploited Vulnerabilities catalog

 | 

Nine arrested in €600M crypto laundering bust across Europe

 | 

hacking news

Pierluigi Paganini May 08, 2022
Security Affairs newsletter Round 364 by Pierluigi Paganini

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. Raspberry Robin spreads via removable USB devices Malware campaign hides a shellcode into Windows […]

Pierluigi Paganini May 08, 2022
US DoS offers a reward of up to $15M for info on Conti ransomware gang

The US Government offers up to $15 million for information that helps identify and locate leadership and co-conspirators of the Conti ransomware gang. The US Department of State offers up to $15 million for information that helps identify and locate leadership and co-conspirators of the Conti ransomware gang. The reward is offered under the Department […]

Pierluigi Paganini May 07, 2022
Raspberry Robin spreads via removable USB devices

Researchers discovered a new Windows malware, dubbed Raspberry Robin, with worm-like capabilities that spreads via removable USB devices. Cybersecurity researchers from Red Canary have spotted a new Windows malware, dubbed Raspberry Robin, with worm-like capabilities that propagates through removable USB devices. “Raspberry Robin is Red Canary’s name for a cluster of activity we first observed […]

Pierluigi Paganini May 07, 2022
Malware campaign hides a shellcode into Windows event logs

Experts spotted a malware campaign that is the first one using a technique of hiding a shellcode into Windows event logs. In February 2022 researchers from Kaspersky spotted a malicious campaign using a novel technique that consists of hiding the shellcode in Windows event logs. The technique allows hiding a fileless Trojan, the experts also […]

Pierluigi Paganini May 06, 2022
How the thriving fraud industry within Facebook attacks independent media

Experts investigate how stolen Facebook accounts are used as part of a well-established fraud industry inside Facebook. No eyebrows were raised in Quriums security operation center when the independent Philippine media outlet Bulatlat once again got DDoSed, as they are a frequent target of such digital attacks. However, when we noticed that the attack traffic came from […]

Pierluigi Paganini May 06, 2022
QNAP fixes multiple flaws, including a QVR RCE vulnerability

QNAP addressed multiple vulnerabilities, including a critical remote execution flaw affecting the QVR video surveillance solution. QNAP has addressed multiple vulnerabilities, including a critical security issue, tracked as CVE-2022-27588 (CVSS score of 9.8), that could be exploited by a remote attacker to execute arbitrary commands on vulnerable QVR systems. QNAP QVR is a video surveillance […]

Pierluigi Paganini May 06, 2022
Anonymous and Ukraine IT Army continue to target Russian entities

The Anonymous collective and the volunteer group Ukraine IT Army continues to launch cyber attacks on Russian entities. The Anonymous collective continues its cyber war on Russian businesses and government organizations. Below is the list of the most recent organizations targeted by the collective that also leaked stolen data through the DDoSecrets platform: CorpMSP is […]

Pierluigi Paganini May 06, 2022
NetDooka framework distributed via a pay-per-install (PPI) malware service

Researchers discovered a sophisticated malware framework, dubbed NetDooka, distributed via a pay-per-install (PPI) malware service known as PrivateLoader. Trend Micro researchers uncovered a sophisticated malware framework dubbed NetDooka that is distributed via a pay-per-install (PPI) service known as PrivateLoader and includes multiple components, including a loader, a dropper, a protection driver, and a full-featured remote […]

Pierluigi Paganini May 06, 2022
Vulnerable Docker Installations Are A Playhouse for Malware Attacks

Uptycs researchers identified ongoing malicious campaigns through our Docker honeypot targeting exposed Docker API. The Uptycs Threat Research team has identified ongoing malicious campaigns through our Docker honeypot targeting exposed Docker API port 2375. The attacks are related to crypto miners and reverse shells on the vulnerable servers using base64-encoded commands in the cmdline, built […]

Pierluigi Paganini May 06, 2022
Ukraine IT Army hit EGAIS portal impacting Russia’s alcohol distribution

Ukraine IT Army launched massive DDoS attacks on the EGAIS portal that has a crucial role in Russia’s alcohol distribution. The collective of hacktivists Ukraine IT Army has launched a series of massive DDoS attacks on the Unified State Automated Alcohol Accounting Information System (EGAIS) portal, which is considered crucial for alcohol distribution in Russia. […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

GlassWorm malware has resurfaced on the Open VSX registry

Malware / November 10, 2025

Denmark and Norway investigate Yutong bus security flaw amid rising tech fears

Security / November 10, 2025

Agentic AI in Cybersecurity: Beyond Triage to Strategic Threat Hunting

Uncategorized / November 10, 2025

Nine NuGet packages disrupt DBs and industrial systems with time-delayed payloads

Malware / November 10, 2025

QNAP fixed multiple zero-days in its software demonstrated at Pwn2Own 2025

Hacking / November 10, 2025